
IN THE CLAIMS 

Please amend claims 1-28 as follows: 

1. (Amended) A person authentication system for executing person authentication by 
comparing a template with sampling information, the template being person authentication data, 
and the sampling information being input by a user, the person authentication system comprising: 

a person authentication authority for issuing an electronic person authentication certificate 
including the template; and 

a person authentication execution entity for obtaining the certificate including the 
template from the person authentication certificate issued by said person authentication authority 
and executing person authentication on the basis of the obtained template; 

wherein the person authentication certificate issued by said person authentication 
authority stores usage restriction information which includes at least either a certificate expiration 
date or a certificate usage number limit; and 

said person authentication execution entity checks the validity of the person 
authentication certificate on the basis of the certificate expiration date or the certificate usage 
number limit when the person authentication is executed on the basis of the person authentication 
certificate. 

2. (Amended) A person authentication system according to Claim 1, wherein said person 
authentication execution entity checks the validity of the person authentication certificate on the 
basis of the certificate expiration date or the certificate usage number limit in person 
authentication on the basis of the person authentication certificate, and then executes the person 
authentication by comparing the template, stored in the person authentication certificate, with 
sampling information input by the user on the condition that the validity of the person 
authentication certificate has been confirmed on the basis of the certificate expiration date or the 
certificate usage number limit. 
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3. (Amended) A person authentication system according to Claim 1, wherein said person 
authentication execution entity has a person authentication executing device, and the person 
authentication executing device executes the following processing when usage restriction 
information of the certificate usage number limit is stored in the person authentication certificate: 

storing a set usage count in a memory of the person authentication executing device; 
updating usage count data stored in the memory every time the person authentication 
certificate is used; 

determining whether the usage count data is within the limits of the set usage count of the 
person authentication certificate; and 

executing person authentication by comparing user input sampling information with the 
template stored in the person authentication certificate if the usage count data is within the 
certificate usage number limit. 

4. (Amended) A person authentication system according to Claim 1, wherein the person 
authentication certificate issued by said person authentication authority stores a template 
expiration date which is information on an expiration date of the template stored in the person 
authentication certificate; and 

said person authentication execution entity checks the validity of the template on the basis 
of the template expiration date in person authentication on the basis of the person authentication 
certificate. 

5. (Amended) A person authentication system according to Claim 1, wherein said person 
authentication execution entity checks the validity of the template on the basis of the template 
expiration date in person authentication on the basis of the person authentication certificate, and 
then executes the person authentication by comparing the template, stored in the person 
authentication certificate, with sampling information input by the user on the condition that the 
validity of the template expiration date has been confirmed. 
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6. (Amended) A person authentication system according to Claim 1, wherein said person 
authentication execution entity functions as an information processing apparatus, and the 
information processing apparatus checks the validity of a template expiration date or the 
certificate expiration date of a person authentication certificate which is set in the certificate 
stored in the information processing apparatus and then outputs a request for issuing the person 
authentication certificate to said person authentication authority which issues the person 
authentication certificate when the validity can not be confirmed; 

said person authentication authority makes the person authentication certificate in which 
a new expiration date is set and then issues the person authentication certificate to the 
information processing apparatus; and 

the information processing apparatus has storage means and stores the person 
authentication certificate, which is issued by said person identification certificate authority, in 
the storage means. 

7. (Amended) A person authentication system according to Claim 1, wherein said person 
authentication authority checks the validity of a template expiration date or the expiration date 
of an issued person authentication certificate, and then gives notice to an entity receiving the 
person authentication certificate that the template expiration date or the certificate expiration date 
is approaching. 

8. (Amended) A person authentication system according to Claim 1, wherein said person 
authentication authority receives a request for updating an issued person authentication certificate 
from an entity that received the person authentication certificate, makes a second person 
authentication certificate in which an updated certificate expiration date or an updated certificate 
usage number limit is set according to the request, and then issues the second person 
authentication certificate. 
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9. (Amended) A person authentication system according to Claim 1, wherein said person 
authentication authority receives a request for updating the template, stored in the person 
authentication certificate which has been issued, from an authenticated user of the person 
authentication certificate; and 

wherein said person authentication authority nullifies the person authentication certificate 
according to the request and then makes a second person authentication certificate on the basis 
of an updated template. 

10. (Amended) A person authentication system according to Claim 1, wherein said 
person authentication authority receives data of a request for setting a template expiration date 
from an authenticated user of the person authentication certificate, and then makes a second 
person authentication certificate in which the template expiration date is set on the basis of the 
data of the request for setting the template expiration date. 

11. (Amended) A person authentication system according to Claim 1, wherein said 
person authentication authority and said person authentication executing entity execute mutual 
authentication, when data communication is performed therebetween, a data transmitter puts a 
digital signature on transmitted data, and a data receiver verifies the digital signature. 

12. (Amended) A person authentication system according to Claim 1, wherein the 
template is at least one of personal biotic information, personal nonbiotic information, and a 
password, 

wherein the personal biotic information is selected from at least one of the group 
consisting of fingerprint information, retina pattern information, iris pattern information, voice 
print information, and handwriting information, and 

wherein the personal nonbiotic information is selected from at least one of the group 
consisting of seal information, passport information, driver's license information, and card 
information. 

13. (Amended) A person authentication system according to Claim 1, wherein said 
person authentication authority puts a digital signature on a person authentication certificate 
issued by said person authentication authority. 
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14. (Amended) A person authentication method for executing person authentication by 
comparing a template with sampling information, the template being person authentication data, 
and the sampling information being input by a user, the person authentication method 
comprising: 

causing a person authentication authority to issue an electronic person authentication 
certificate including the template; 

causing a person authentication execution entity to obtain the certificate including the 
template from the person authentication certificate issued by the person authentication authority 
and to execute person authentication on the basis of the obtained template; 

storing usage restriction information, which includes at least either a certificate expiration 
date or a certificate usage number limit, in the person authentication certificate issued by the 
person authentication authority; and 

causing the person authentication execution entity to check the validity of the person 
authentication certificate on the basis of the certificate expiration date or the certificate usage 
number limit in person authentication on the basis of the person authentication certificate. 

15. (Amended) A person authentication method according to Claim 14, wherein the 
person authentication execution entity checks the validity of the person authentication certificate 
on the basis of the certificate expiration date or the certificate usage number limit in person 
authentication on the basis of the person authentication certificate, and then executes the person 
authentication by comparing the template, stored in the person authentication certificate, with 
sampling information input by the user on the condition that the validity of the person 
authentication certificate has been confirmed on the basis of the certificate expiration date or the 
certificate usage number limit. 
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16. (Amended) A person authentication method according to Claim 14, wherein [a] the 
person authentication execution entity has a person authentication executing device, and the 
person authentication executing device executes the following processing when usage restriction 
information of the certificate usage number limit is stored in the person authentication certificate: 

storing a set usage count in a memory of the person authentication executing device; 
updating usage count data stored in the memory every time the person authentication 
certificate is used; 

determining whether the usage count data is within the limits of the set usage count of the 
person authentication certificate; and 

executing person authentication by comparing sampling information, input by a user, with 
the template stored in the person authentication certificate if the usage count data is within the 
limits. 

17. (Amended) A person authentication method according to Claim 14, wherein the 
person authentication authority stores a template expiration date, which is information on an 
expiration date of the template stored in the person identification certificate made by the person 
authentication authority; and 

a person authentication execution entity checks the validity of the template on the basis 
of the template expiration date in person authentication on the basis of the person authentication 
certificate. 

18. (Amended) A person authentication method according to Claim 14, wherein the 
person authentication execution entity checks the validity of the template on the basis of a 
template expiration date in person authentication on the basis of the person authentication 
certificate, and then executes the person authentication by comparing the template, stored in the 
person authentication certificate, with sampling information input by the user on the condition 
that the validity of the template expiration date has been confirmed. 
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19. (Amended) A person authentication method according to Claim 14, wherein said 
person authentication execution entity functions as an information processing apparatus; 

the information processing apparatus checks the validity of a template expiration date or 
the certificate expiration date of a person authentication certificate which is set in the person 
authentication certificate stored in the information processing apparatus, and then outputs a 
request for issuing the person authentication certificate to the person authentication authority 
which issues the person authentication certificate when the validity can not be confirmed; 

the person authentication authority makes the person authentication certificate in which 
a new certificate expiration date is set and then issues the person authentication certificate to the 
information processing apparatus; and 

the information processing apparatus has storage means and stores the person 
authentication certificate, which is issued by the person authentication authority, in the storage 
means. 

20. (Amended) A person authentication method according to Claim 14, wherein the 
person authentication authority checks the validity of a template expiration date or the expiration 
date of the issued person authentication certificate, and then gives notice to an entity receiving 
the person authentication certificate that the template expiration date or the certificate expiration 
date is approaching. 

21. (Amended) A person authentication method according to Claim 14, wherein the 
person authentication authority receives a request for updating the issued person authentication 
certificate from an entity receiving the person authentication certificate, then makes a second 
person authentication certificate in which an updated expiration date or an updated certificate 
usage number limit is set according to the request, and issues the second person authentication 
certificate. 



8 



22. (Amended) A person authentication method according to Claim 14, wherein the 
person authentication authority receives a request for updating the template, stored in the person 
identification certificate which issued, from an authenticated user of the person authentication 
certificate; and 

wherein the person authentication authority nullifies the person authentication certificate 
according to the request and then makes a second person authentication certificate on the basis 
of the updated template. 

23. (Amended) A person authentication method according to Claim 14, wherein the 
person authentication authority receives data of a request for setting the template expiration date 
from an authenticated user of the person authentication certificate, and then makes a second 
person authentication certificate in which the template expiration date is set on the basis of the 
data of the request for setting the template expiration date. 

24. (Amended) A person authentication method according to Claim 14, wherein the 
person authentication authority and the person authentication executing entity execute mutual 
authentication, when data communication is performed therebetween, a data transmitter puts a 
digital signature on transmitted data, and a data receiver verifies the digital signature. 
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25. (Amended) An information processing apparatus for executing person authentication 
by comparing a template with sampling information, the template being person authentication 
data, and the sampling information being input by a user, the information processing apparatus 
comprising: 

a section for storing the template in an electronic person authentication certificate to 
execute person authentication on the basis of the person authentication certificate issued by a 
person authentication certificate authority which is a third party, the person authentication 
certificate storing at least one of a certificate expiration date and a certificate usage number limit; 
and 

a section for checking the validity of the person authentication certificate on the basis of 
the certificate expiration date or the certificate usage number limit in person authentication on 
the basis of the person authentication certificate, and then executing the person authentication 
by comparing the template, stored in the person authentication certificate, with the sampling 
information input by the user on the condition that the validity of the person authentication 
certificate has been confirmed on the basis of the certificate expiration date or the certificate 
usage number limit. 

26. (Amended) An information processing apparatus for executing person authentication 
by comparing a template with sampling information, the template being person authentication 
data, and the sampling information being input by a user, the information processing apparatus 
comprising: 

a section for storing the template in an electronic person authentication certificate to 
execute person authentication on the basis of the person authentication certificate issued by a 
person authentication certificate authority which is a third party, the person authentication 
certificate storing at least one of a certificate expiration date and a certificate usage number limit; 

a section for executing the following processing when usage restriction information of 
a valid certificate usage number limit is stored in the person authentication certificate: storing 
a set usage count in a memory of the information processing apparatus; updating the usage count 
stored in the memory every time the person authentication certificate is used; determining 
whether the usage count is within the limits of the certificate usage number limit of the person 
authentication certificate; and 
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executing person authentication by comparing user input sampling information with the 
template stored in the person authentication certificate if the usage count in memory is within the 
limits of the certificate usage number limit. 

27. (Amended) An information processing apparatus for executing person authentication 
by comparing a template with sampling information, the template being person authentication 
data, and the sampling information being input by a user, the information processing apparatus 
comprising: 

a section for storing the template in an electronic person authentication certificate to 
execute person authentication on the basis of person authentication certificate issued by a person 
authentication certificate authority which is a third party, the person authentication certificate 
storing at least one of a certificate expiration date and a certificate usage number limit; and 

a section for checking the validity of the template on the basis of a template expiration 
date in person authentication on the basis of the person authentication certificate, and then 
executing the person authentication by comparing the template, which is stored in the person 
authentication certificate, with the sampling information input by the user on a condition that 
validity of the template expiration date has been confirmed. 

28. (Amended) A program providing medium for proving a computer program which 
executes person authentication on the computer program by comparing a template stored in a 
person authentication certificate with sampling information, the template being person 
authentication data, and the sampling information being input by a user, 

the computer program comprising: 

a step of confirming whether usage restriction information, which includes either a 
certificate expiration date, a certificate usage number limit, or a template expiration date, is 
stored in the person authentication certificate issued by a person authentication authority; 

a step of checking the validity of the person authentication certificate on the basis of the 
certificate expiration date, the certificate usage number limit, or the template expiration date in 
person authentication on the basis of the person authentication certificate; and 

a step of executing the person authentication by comparing the template, which is stored 
in the person authentication certificate, with the sampling information input by the user on a 
condition that the validity of the person authentication certificate has been confirmed on the basis 
of the certificate expiration date, certificate usage number limit, or the template expiration date. 



